Last updated: October 17, 2018

This document (the “Privacy Policy”) applies to all products and services offered by BASIS ID, fully owned by DataDepot OÜ, a limited liability company registered in the Republic of Estonia under registration number and having its registered at address Joala 3-6, Narva, Estonia, 14078299  (“BASIS ID,” “we,” or “us”). Privacy Policy informs you of BASIS ID’s policies regarding the collection, use and disclosure of any personal information you provided to BASIS ID through the Website, App, Services or otherwise. This Privacy Policy shall serve as an integral part of our Terms and Conditions (the “Terms”) and Subscription Terms. The definitions of terms starting with capital letters can be found in the BASIS ID Terms which together with this Privacy Policy must be read and accepted prior to using the BASIS ID Website, App and/or Services.

We respects your privacy and the integrity of your personal identifiable information (“Personal Data”). This Privacy Policy sets out the principles BASIS ID follows when collecting, using, disclosing, retaining and removing Personal Data and describes other important topics relating to your privacy. This policy applies to any individual’s Personal Data which is in our possession or under our control.

 

1. INFORMATION COLLECTION AND USE

1.1. Information you provide:

We may collect your Personal Data from you when you interact with our Service, this may include, for example, registering user account, completing know-your-customer process for your identification (“KYC”), using other Services and/or contacting us via various means of communication.

By voluntarily providing us with your Personal Data, whether through the Website, App or otherwise, you consent, agree and accept that we, as well as our respective representatives and/or agents may collect, use, disclose your Personal Data as described in this Privacy Policy. Additionally, by giving your consent for us to process your Personal Data, you hereby represent that you are the owner of such Personal Data and you are authorised to provide it to BASIS ID.

Please note, that processing of personal data covers a wide range of actions with connection to personal data. Processing may be performed by manual, automated or other means and includes collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction of personal data.

1.2. Information we collect from you:

We collect personal data through our Know Your Customer Service. KYC Service is created to provide verification and identification services to merchants. These merchants have authorised us to serve as data processor with regard to the data of their customers. This means that we may act only on documented instructions from them. We may additionally collect your personal information with our other services, thus the scope of collected information may differWe may collect and process the following data:

  • Contact information

when you create BASIS ID account, go through the verification process, subscribe to the BASIS ID Services, contact us by any communication means possible or participate in an online survey, including your full name, country of citizenship, mailing address, telephone number, and email address

  • Personal identification information 

when you go through the verification process, including passport or other identification documents, documents to verify your place of residence, photos or videos used for facial recognition.

  • Biometric data

when you go through the verification process, including video recording of your face from different angles measures and matches the unique characteristics for the purposes of biometric identification or authentication

  • Biographic or demographic information

when you create BASIS ID account, go through the verification process, including your date of birth, gender, if applicable

  • Banking information

when you go through the verification process, including your bank statement

  • Payment information 

when you go through the verification process and/or subscribe to our Services, including you debit or credit card number

  • Social Network data 

when you go through the verification process, contact or connect with BASIS ID through Social Media, including your Facebook, Google, LinkedIn, Twitter, Instagram usernames

  • User account data 

when you create BASIS ID account or communicate with us via App, including your username and password to access the BASIS ID Services

  • Personal opinions made known to us

when you participate in an online survey, including feedback or responses to surveys

  • Device and Log Information

when you visit our website or CRM, use our Services on the website, CRM and/or App, including type of device, time of log in, IP address, device identifiers, mobile network information, type of operating system, and the type of browser used.

1.3. In order to effectively carry out verification in accordance with the applicable anti-money laundering (“AML”) and terrorist financing prevention laws, we may also obtain information from other sources and combine that with information we collect through the Website or the App. For example, we may collect information available about you from publicly accessible websites, social media networks or public databases. We may also make inquiries to governmental agencies, financial institutions, international agencies and non-public third-party databases to verify the correctness of the information you have provided to us.

 

2. USAGE OF YOUR PERSONAL DATA

We may process you Personal Data for the purposes described in this Privacy Policy with your consent, for compliance with a legal obligation BASIS ID may be subject to, as a contractual obligation to provide Services to merchants, or when it necessary for the purposes of legitimate interests pursued by BASIS ID.

We use, store, and process information, including your personal information, about you in order to carry out provide and ensure your access to the Services, improve and develop BASIS ID, and maintain a trusted and safer environment and comply with our legal obligations.

2.1. Providing and ensuring the access to the Services, improving and developing BASIS ID

  • We may use your Personal Data to verify your identity and for anti-fraud purposes to meet the standards of the applicable anti-money laundering and terrorist financing prevention laws and standards.
  • You Personal Data will allow us comply to our contractual obligations, including to perform the agreement with you or with the third party you have given the consent to process your data, realisation of rights arising from this agreement and for performance of the obligations arising from the agreement.
  • We will use you contact information and identification information to process your inquiries and requests.
  • From time to time, we will use your contact information to send important notices, including legal notices. Your contact information will be used to prevent potentially prohibited or illegal activities carried out via the App or the Website and enforce the Terms.
  • Your user account data, contact information and the data we collect automatically in the course of your usage of the Services is used to provide you with the Services and personalise the approach to you, including managing your user account, providing customer support, sending updates, collecting fees, etc.
  • Device and log information is also used to measure and improve the Services that are available on the Website and the App.
  • Banking or credit card details to forward them directly to the payment Service Provider for processing payment. Note, that BASIS ID will not be able to access your bank account or credit card details at any time.
  • Your social network data will be used for communication with you, analysing your responses to surveys, credit scoring purposes and to suggest services that you might be interested in connecting to the BASIS ID platform if you have provided us a separate consent to do so.
  • We may also use the information about you for any other purpose for which the information was collected, provided that such purpose was disclosed to you at the time of collection or you provided a separate consent for processing your data for such purpose.
  • We process this information given our legitimate interest in improving the BASIS ID Platform and our clients’ experience with it, and where it is necessary for the adequate performance of the contract with you.

2.2 Creating and maintaining a trusted and safer environment

We use your personal data to:

  • Detect and prevent fraud, spam, abuse, security incidents, and other harmful activity.
  • Conduct security investigations and risk assessments.
  • Conduct checks against databases and other information sources, including Sanction Screening process, to the extent permitted by applicable laws and with your consent where required.
  • Comply with all applicable laws, regulations, rules, directives, orders, instructions and requests from any local or foreign authorities, including regulatory, governmental, tax and law enforcement authorities or other authorities.
  • Enforce obligations owed to us.
  • Carry out financial reporting, regulatory reporting, management reporting, risk management (including monitoring credit exposures), audit and record keeping purposes.
  • Resolve any disputes with any of our users, responding to queries or feedback, and enforce our agreements with third parties.
  • Enforce our Terms and Conditions and other policies.

We process this information given our legitimate interest in protecting the BASIS ID, to measure the adequate performance of our contract with you, and to comply with applicable laws.

2.3 Providing, personalising, measuring, and improving our Advertising and Marketing.

Should you indicate so separately via the App or the Website, we will use your contact information to send you latest announcements, updates, news and/or upcoming events, promotional messages, marketing, advertising, and other information that may be of interest to you based on your preferences (including information about BASIS ID or Service Provider’s services):

  • To personalise, measure, and improve our advertising;
  • For credit scoring purposes and to suggest services that you might be interested in connecting to the BASIS ID platform.

We will process your personal information for the purposes listed in this section given our legitimate interest in undertaking marketing activities to offer you products or services that may be of your interest.

 

3. SHARING AND DISCLOSURE

3.1 BASIS ID shall make available your data to the third party to the extent you have consented to in accordance with your agreement with such third party.

3.2 We may, based on your consent, our agreements with third parties, and in compliance with applicable laws on data privacy, disclose your personal data to any personnel of BASIS ID or to the personnel of the third party, whether located in Estonia or elsewhere, in order to carry out the purposes set out above. Please be assured that when we disclose your Personal Data to such parties, we require them to ensure that any Personal Data disclosed to them are kept confidential and secure. For more information about the third parties with whom we share your Personal Data, you may, where appropriate, wish to refer to the agreement(s) and/or terms and conditions that govern our relationship with you or our customer. You may also contact us for more information at support@basisid.com.

3.3 BASIS ID does not sell or trade your personal data to any third parties. As some of the BASIS ID Services may be provided by our affiliate companies, we may make your data available to our affiliate companies in order to provide you the Services. Our affiliate companies are:

Data Depot Asia PTE LTD, a limited liability company registered in Singapore under registration number 201713091C, address Block79 @ Launchpad, 79 Ayer Rajah Crescent, 05#08 Singapore 139955.

3.4 In addition, we will only provide your data to third parties if you have consented to such transfer of your data pursuant to the privacy policy with a third-party Service Provider or if such transfer is required by law.

3.5 Please note that the Website and the App enable you to see and manage the data that you have made available to third parties via the BASIS ID Services. Furthermore, to the extent made available by BASIS ID, the App and the Website enable you to restrict third party Service Providers from further processing of your data or change the extent of the data that a particular third party Service Provider receives.

3.6 In addition, BASIS ID may use other third party authorised processors such as technical service providers, identity verification services, mail carriers, IT companies, communication agencies, and hosting providers to process your data in order to provide you the Services. For example, your data may be stored in servers hosted by third party cloud service providers such as Google, Amazon, Microsoft Azure, etc., which may be located anywhere around the world. The data stored in such servers is secured and cannot be accessed by any third parties. Please contact BASIS ID to receive and updated list of such authorised processors. Any such authorised processor shall be obliged to adhere to the restrictions set forth in this Privacy Policy and the applicable data protection laws.

 

4. COMPLIANCE WITH LAW

4.1 BASIS ID may disclose your information, including personal information, to courts, law enforcement or governmental authorities, or authorised third parties, if and to the extent we are required or permitted to do so by law or if such disclosure is reasonably necessary: (i) to comply with our legal obligations, (ii) to comply with legal process and to respond to claims asserted against BASIS ID, (iii) to respond to verified requests relating to a criminal investigation or alleged or suspected illegal activity or any other activity that may expose us, you, or any other of our users to legal liability, (iv) to enforce and administer our Terms and Conditions, or (v) to protect the rights, property or personal safety of BASIS ID, its employees, its Users, or members of the public.

4.2 Where appropriate, we may notify users about legal requests unless: (i) providing notice is prohibited by the legal process itself, by court order we receive, or by applicable law, or (ii) we believe that providing notice would create a risk of any related illegal activity on BASIS ID’s property, platform and/or human resources. In instances where we comply with legal requests without notice for these reasons, we will attempt to notify that User about the request after the fact where appropriate and where we determine in good faith that we are no longer prevented from doing so.

 

5. YOUR RIGHTS 

5.1 You have a right to be informed of Personal Data controlled by BASIS ID, a right to  access Personal Data, a right to rectification/correction, a right to withdraw the consent ,  a right to erasure and restriction of processing and a right to object. You also have the right to receive from BASIS ID a structured, common and machine-readable format of Personal Data you provided to us.

5.2 We can only adhere to your request and provide information if we have Personal Data about you through you having made contact with us directly and/or you using our App, Website and/or service.

5.3 Please note that with respect to exercising such rights as rectification, deletion, restriction of processing and objecting, BASIS ID may not be able to fully assist you in this matter. You can only exercise such rights against BASIS ID directly over the information that BASIS ID holds as data controller. In cases when BASIS ID is acting as data processor towards the data you wish to exercise your right, we will exert our every effort to be able to respond to your request. However, in some cases we may ask you to refer your request to data controller, as it is provided by law.

5.4 Where you have provided consent, you may withdraw it at any time, without affecting the lawfulness of the processing that was carried out prior to withdrawing it. Whenever you withdraw consent, you acknowledge and accept that this may have a negative influence on the quality of the BASIS ID Website, App and/or Services. You further agree that BASIS ID shall not be held liable with respect to any loss and/or damage to your Personal Data if you choose to withdraw consent.

5.5 Where Personal Data is processed for the above purposes on the basis of BASIS ID’s legitimate interests, under the GDPR, you may object to such processing at any time.

5.6 You may exercise any of the rights described in this section by sending a respective request to support@basisid.com. Please note that we may ask you to verify your identity before taking further action on your request.

5.7 Managing your information
You may access and update some of your information through your Account settings. For example, if you have chosen to connect your Account to a third-party in the App, you can change your settings and remove permission for the for the third-party to access your Personal Data by changing your Account settings. You are responsible for keeping your personal information up-to-date.

 

6. DATA RETENTION

We will retain your personal information only for so long as it is required for the purposes for which it was collected. This period may extend beyond the end of your relationship with us, but only for so long as is reasonably necessary for us to have sufficient information to respond to any legal issues that may arise after the end of your relationship with us or for as long as required by law. When your personal information is no longer required, we will destroy, delete or convert it into an anonymous form.

 

7. COMMUNICATION

We may occasionally send you notification emails about updates to our product, legal documents, offer customer support or marketing emails. Except for cases where we are required to do so by law (e.g. notifying you of a data breach), you shall have the opportunity to unsubscribe from receiving these messages free of charge.

 

8. PROTECTION OF PERSONAL INFORMATION

We endeavour to maintain appropriate physical, procedural and technical safeguards with respect to our offices and information storage facilities in order to prevent any loss, misuse, or unauthorised access, disclosure, or modification of your personal information.

We further protect personal information by restricting its access to those employees, contractors, advisers, affiliates and service providers that we determine to reasonably require access to such information for any of the purposes stated in this Privacy Policy.

 

9. COOKIES

Cookies are files with a small amount of data, which may include an anonymous unique identifier. Cookies are sent to your device from a web site and stored on your device’s hard drive.

We use cookies to collect information such as to confirm that you are logged in; compile aggregate data about site traffic and site interactions in order to offer better site experiences and tools in the future. We may also use trusted third-party services that track this information on our behalf. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of services provided by BASIS ID or third parties. For more information, please refer to our Cookie Policy .

 

10. THIRD PARTY WEBSITES AND SERVICES

The Website or App may provide you access to websites or services owned and operated by third parties. These third party websites and services may have their own privacy policies and are not governed by this Privacy Policy. We are not responsible for the privacy practices or the content of any third party websites or services. Third party websites and services may collect, use and disclose personal information differently than us, so we encourage you to carefully read and review the privacy policy for each third-party website and service that you connect to your BASIS ID platform.

 

11. INFRINGEMENT OF PRIVACY

If you have any questions related to this policy or in case of any suspected infringement of your privacy, please contact us at support@basisid.com.

The Privacy Policy of BASIS ID is subject to Estonian law (except the conflict of laws rule) and any disputes shall be brought exclusively to courts located in Tallinn, Estonia.